Press Release

ThreatMetrix Reveals Strategies for Small and Medium-Sized Businesses to Avoid Falling Victim to Data Breaches

ThreatMetrix Reveals Strategies for Small and Medium-Sized Businesses to Avoid Falling Victim to Data Breaches

Posted October 21, 2014

Continuing its Alignment with National Cyber Security Awareness Month, ThreatMetrix Draws on Recent Data Breaches to Outline Cyber Security Lessons for Small Businesses

San Jose, CA – October 21, 2014 – ThreatMetrix®, the fastest-growing provider of context-based security and advanced fraud prevention solutions, today announced several risks and preventative strategies for small and medium businesses (SMBs) protect against data breaches, continuing its commitment to this year’s National Cyber Security Awareness Month (NCSAM) theme, “Our Shared Responsibility,” as well as the fourth week’s theme of examining cybersecurity for SMBs in addition to entrepreneurs.

The theme of NCSAM’s fourth week is “Cyber Security for Small and Medium-Sized Businesses and Entrepreneurs,” calling attention to the importance of cybersecurity measures for smaller businesses, as well as addressing the special challenges faced by these entities when it comes to cybersecurity. Recent high-profile breaches such as JPMorgan Chase and Home Depot – which have compromised millions of accounts and other sensitive information – make now a more important time than ever for SMB owners and entrepreneurs to educate themselves on cyber security. Several risks these businesses face, along with preventative strategies include:

No Business is Too Small

Cybercriminals will target any business, large or small, so long as there is a consistent flow of revenue. Since large companies often have more comprehensive cybercrime prevention strategies in place, cybercriminals often turn to smaller organizations instead. Rapidly-growing, small businesses also risk falling victim to cybercriminals as they increasingly gain recognition. As a result, some SMBs choose not to expand internationally because of the possible increased fraud risk and end up missing out on revenue opportunities.

“The unfortunate fact is that some small businesses see their first cyber attack or breach as an early sign of business growth and recognition,” said Andreas Baumhof, chief technology officer at ThreatMetrix. “The focus for every small business is to grow as fast as possible. The mindset is ‘If I don’t sell anything, I don’t need a fraud solution, so let’s first sell and then figure out the fraud problems later.’ However, this is an ineffective way for businesses to treat their customers’ sensitive information, as these businesses will ultimately be targeted by cybercriminals.”

Stolen Identities Are a Growing Problem

The recent JPMorgan Chase, Home Depot and other breaches added millions of stolen identities to the millions already on black markets. The JPMorgan Chase breach alone compromised the accounts of 76 million households and seven million small businesses. These compromised accounts pose the risks of stolen credit card information, personal information sold on black markets and fraud ranging from account takeover to financial fraud to businesses of all sizes.

According to recent data from a ThreatMetrix Cybercrime Index™ Benchmark Report businesses in the ThreatMetrix® Global Trust Intelligence Network have reported frequently detecting and deterring identity spoofing attacks in logins, various transactions and account creation. ThreatMetrix expects this trend will accelerate over the next year as the U.S. adoption of “chip and signature” credit card technology in 2015 drives more fraud online.

Smaller Businesses Have Fewer Resources

Recent high-profile breaches of large enterprises draw attention to the fact that SMBs are at even higher risk with fewer resources available for cybercrime prevention. Not only do many of these organizations not have dedicated cyber security teams, but if for those who are breached, it is extremely difficult to recover from the damage to their business, as growth and profits are stunted post-data breach. Fast-growing SMBs often make the mistake of prioritizing business success and revenue over fraud prevention.

“Small and medium-sized businesses will always have fewer resources than large enterprises to protect themselves, so the focus needs to be on how all enterprises, small and large, can work together to level the playing field and combat fraud altogether,” said Baumhof. “Threat intelligence sharing through an anonymized global network benefits every business involved and helps to build trust on the Internet. It’s the responsibility of small and large businesses alike to collaborate against cybercriminals.”

In order for SMBs to get ahead of the curve on cybersecurity strategies, there needs to be collaboration and information sharing at the business and the government level, while protecting consumer privacy. The ThreatMetrix® Global Trust Intelligence Network anonymizes and encrypts data to enable businesses of all sizes to identify threats and keep their organizations secure without providing any personally identifiable information.

In addition to the overall theme of “cybersecurity is a shared responsibility,” the U.S. Department of Homeland Security outlined weekly themes to commemorate National Cyber Security Awareness Month throughout October. The remaining the upcoming theme is:

Week Five – Cyber Crime and Law Enforcement

ThreatMetrix will continue to support each week’s theme through the end of the month. To commemorate National Cyber Security Awareness Month, ThreatMetrix has also signed on as a “Champion” with the National Cyber Security Alliance.